Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protections and does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: tenable

Published: 2021-10-13T15:48:15

Updated: 2024-08-03T17:30:07.598Z

Reserved: 2020-12-17T00:00:00

Link: CVE-2021-20126

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-10-13T16:15:07.477

Modified: 2024-11-21T05:45:58.490

Link: CVE-2021-20126

cve-icon Redhat

No data.